bpf issues
sthaug at nethelp.no
sthaug at nethelp.no
Mon Sep 14 19:23:33 UTC 2009
> I hope this is the appropriate list. I am having issues using BPFs to
> filter out traffic captures. If I want to block a specific host by IP, the
> traffic is still recorded. I tried tcpdump and get the same results.
>
> Am I missing something?
Does your igb2 interface use VLAN encapsulation? If it does, you won't
see it in the tcpdump output unless you use -e, but you still need to
specify it together with your IP based filters - or tcpdump will apply
the wrong (off by 4 bytes) offset.
E.g. "tcpdump -nt -r tcpdump.pcap vlan and host 10.100.66.31"
Steinar Haug, Nethelp consulting, sthaug at nethelp.no
More information about the freebsd-net
mailing list